Method and system for securing communication

ABSTRACT

A method for securing communication among members of a group. The method includes a first member obtaining a first secret. An n-bit generator executing on the first member generates a first message digest using the first secret. The first member extracts a first encryption solution and a second encryption solution, at least in part, from the first message digest, encrypts a first communication using the first encryption solution to obtain a first encrypted communication, and sends, to a second member of the group, the first encrypted communication. The first member further receives, from the second member, a second encrypted communication, and decrypts the second encrypted communication using the second encryption solution to obtain a second communication.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims priority to PCT Application No.PCT/US10/28583 filed on Mar. 25, 2010, entitled, “METHOD AND SYSTEM FORSECURING COMMUNICATION,” and incorporated herein by reference. PCTApplication No. PCT/US10/28583 claims priority to U.S. ProvisionalApplication No. 61/163,417 filed on Mar. 25, 2009 and entitled,“BILATERAL AUTHENTICATION AND ENCRYPTION SYSTEM INCLUDING ENCRYPTIONALGORITHM SELECTION,” and incorporated herein by reference.

BACKGROUND

The computer system assists in managing (e.g., storing, organizing, andcommunicating) a large amount of information. Some of the informationmanaged by a computer system is confidential. In other words, access tosuch information is intended to be limited. Traditional protectionschemes attempt to prevent unauthorized users from accessing theconfidential information by requiring that a user provide usercredentials, for example, a username and password, at a predefined entrypoint, to access an account that includes the confidential information.Protecting only the predefined entry points, however, fails to accountfor nefarious individuals creating other entry points by exploitingcomputer system vulnerabilities. For example, knowledge of a user'shardware and software system, system configuration, types of networkconnections, etc. may be used to create an entry point and gain accessto the confidential information.

In order to prevent unauthorized access to the confidential information,the confidential information may be encrypted. Encryption is a processof transforming the clear text confidential information into anencrypted format that is unreadable by anyone or anything that does notpossess a corresponding decryption key. An encryption algorithm and anencryption key are used to perform the transformation. Encryptiontechnology is classified into two primary technology types: symmetricencryption technology and asymmetric encryption technology. Symmetricencryption technology uses the same encryption key to both encrypt anddecrypt confidential information. Asymmetric encryption technology usesa pair of corresponding encryption keys: one encryption key to encryptdata and the other encryption key of the pair to decrypt the data.

SUMMARY

In general, in one aspect, the invention relates to a method forsecuring communication among members. The method includes a first memberobtaining a first secret. An n-bit generator executing on the firstmember generates a first message digest using the first secret. Thefirst member extracts a first encryption solution and a secondencryption solution, at least in part, from the first message digest,encrypts a first communication using the first encryption solution toobtain a first encrypted communication, and sends, to a second member ofthe group, the first encrypted communication. The first member furtherreceives, from the second member, a second encrypted communication, anddecrypts the second encrypted communication using the second encryptionsolution to obtain a second communication.

In general, in one aspect, the invention relates to a computing devicefor securing communication among a plurality of members. The computingdevice includes a processor, a memory, and software instructions storedin memory. The software instructions cause the computing device toobtain a first secret, generate, by an n-bit generator, a first messagedigest using the first secret, and extract a first encryption solutionand a second encryption solution, at least in part, from the firstmessage digest. The software instructions further cause the computersystem to encrypt a first communication using the first encryptionsolution to obtain a first encrypted communication, and send, to asecond member of the group, the first encrypted communication. Thesoftware instructions further cause the computer system to receive, fromthe second member, a second encrypted communication, and decrypt thesecond encrypted communication using the second encryption solution toobtain a second communication.

In general, in one aspect, the invention relates to a computer readablemedium comprising computer readable program code embodied therein forcausing a computer system to perform a method for securing communicationamong members. The method includes a first member obtaining a firstsecret. An n-bit generator executing on the first member generates afirst message digest using the first secret. The first member extracts afirst encryption solution and a second encryption solution, at least inpart, from the first message digest, encrypts a first communicationusing the first encryption solution to obtain a first encryptedcommunication, and sends, to a second member of the group, the firstencrypted communication. The first member further receives, from thesecond member, a second encrypted communication, and decrypts the secondencrypted communication using the second encryption solution to obtain asecond communication.

Other aspects of the invention will be apparent from the followingdescription and the appended claims.

BRIEF DESCRIPTION OF DRAWINGS

FIGS. 1A-1B show schematic diagrams in accordance with one or moreembodiments of the invention.

FIGS. 2-5B show flowcharts in accordance with one or more embodiments ofthe invention.

FIGS. 6-8B show example message digests in accordance with one or moreembodiments of the invention.

FIG. 9 shows a computer system in accordance with one or moreembodiments of the invention.

DETAILED DESCRIPTION

Specific embodiments of the invention will now be described in detailwith reference to the accompanying figures. Like elements in the variousfigures are denoted by like reference numerals for consistency.

In the following detailed description of embodiments of the invention,numerous specific details are set forth in order to provide a morethorough understanding of the invention. However, it will be apparent toone of ordinary skill in the art that the invention may be practicedwithout these specific details. In other instances, well-known featureshave not been described in detail to avoid unnecessarily complicatingthe description.

In general, embodiments of the invention relate to securingcommunication between members of a group, where each member is acomputing device. In one or more embodiments of the invention, the groupis two or more members that share (or intend to share) confidentialinformation. The confidential information may be transmitted ascommunication (or portion thereof). Examples of communications include,but are not limited to, short messaging service (SMS) messages,electronic mail (e-mail), chat messages, audio message, graphics,audio-visual messages (e.g., video file, streaming video, etc.). As usedherein, a communication is encrypted when at least a portion of thecommunication is encrypted.

In one embodiment of the invention, a computing device is any physicalor virtual device that may be used to perform embodiments of theinvention. The physical device may correspond to any physical systemwith functionality to implement one or more embodiments of theinvention. For example, the physical device may be implemented on ageneral purpose computing device (i.e., a device with a processor(s) andan operating system) such as, but not limited to, a desktop computer, alaptop computer, a gaming console, a mobile device (e.g., smart phone, apersonal digital assistant, gaming device).

Alternatively, the physical device may be a special purpose computingdevice that includes an application-specific processor(s)/hardwareconfigured to only execute embodiments of the invention. In such cases,the physical device may implement embodiments of the invention inhardware as a family of circuits and limited functionality to receiveinput and generate output in accordance with various embodiments of theinvention. In addition, such computing devices may use a state-machineto implement various embodiments of the invention.

In another embodiment of the invention, the physical device maycorrespond to a computing device that includes both a general purposeprocessor(s) and an application-specific processor(s)/hardware. In suchcases, one or more portions of the invention may be implemented usingthe operating system and general purpose processor(s), and one or moreportions of the invention may be implemented using theapplication-specific processor(s)/hardware.

The virtual device may correspond to a virtual machine. Broadlyspeaking, the virtual machines are distinct operating environmentsconfigured to inherit underlying functionality of the host operatingsystem (and access to the underlying host hardware) via an abstractionlayer. In one or more embodiments of the invention, a virtual machineincludes a separate instance of an operating system, which is distinctfrom the host operating system. For example, one or more embodiments ofthe invention may be implemented on VMware® architectures involving: (i)one or more virtual machines executing on a host computer system suchthat each virtual machine serves as host to an instance of a guestoperating system; and (ii) a hypervisor layer serving to facilitateintra-host communication between the one or more virtual machines andhost computer system hardware. Alternatively, one or more embodiments ofthe invention may be implemented on Xen® architectures involving: (i) acontrol host operating system (e.g., Dom 0) including a hypervisor; and(ii) one or more VMs (e.g., Dom U) executing guest operating systeminstances. The invention is not limited to the aforementioned exemplaryarchitectures. VMware® is a registered trademark of VMware, Inc. Xen® isa trademark overseen by the Xen Project Advisory Board.

Each of the members may be used by, for example, an individual, abusiness entity, a family, any other entity, or any combination thereof.For example, a group may have, as members, John Smith's computing deviceand Jane Doe's computing device. As another example, a group may have,as members, John Smith's smart phone, John Smith's personal computer,and John Smith's gaming console. As another example, a group may have,as members, John Smith's computing device, Jane Smith's computingdevice, and the servers of the Smith's financial advisors. Otherpossible groups may exist without departing from the scope of theinvention.

In one or more embodiments of the invention, an n-bit generatorexecuting on a member of the group generates one or more messagedigest(s) using a secret. The generated message digest(s) includesencryption solutions. An encryption solution includes parameters used toencrypt communications. By way of an example and not intended to limitthe scope of the invention, an encryption solution may include anencryption key, an encryption key length, algorithm selector bits forselecting the encryption algorithm, and/or other components.

In one or more embodiments of the invention, each member or subset ofmembers has a corresponding unique encryption solution that the memberuses to send or receive communications by the member or subset ofmembers. Thus, the encryption solution for sending communications isdifferent then the encryption solution for receiving communications.Each member generates the encryption solution for each other member ofthe group. Specifically, when a communication is to be sent, a firstencryption solution is obtained and used to encrypt the communication.The member sends the encrypted communication to other member(s) of thegroup. The other member(s) may use the first encryption solution todecrypt the encrypted communication. Specifically, the other members usetheir copy of the first encryption solution to decrypt the encryptedcommunication. Further, when an encrypted communication is received, thesecond encryption solution is obtained and used to decrypt thecommunication.

If the encryption solution includes algorithm selector bits, then thealgorithm selector bits allow for changing of the encryption algorithmthat is used by the members of the group. Specifically, not only may theencryption key change periodically, but the encryption algorithm mayalso change. Further, the encryption algorithm may be different for thecommunications sent and the communications received. Thus, a nefarioususer or computer system may be unlikely to both identify the encryptionalgorithm and the encryption key for both the sending side and thereceiving side of a given communication between members of a group.

In one or more embodiments of the invention, an encryption solutionincludes information used to encrypt and/or decrypt a communication. Forexample, the encryption solution may include an encryption key, a keylength of the encryption key, algorithm selector bits for selecting anencryption algorithm, and/or any other component that may be used forencryption

FIGS. 1A-1B show schematic diagrams in accordance with one or moreembodiments of the invention. As shown in FIG. 1A, the system includes anetwork (102) and members (e.g., 104A, 104B). These components aredescribed below.

In one or more embodiments of the invention, a network (102) is aninterconnection of devices that allow for communication between any twodevices within the network. For example, the network (102) maycorrespond to a local area network (LAN), a wide area network (WAN),such as the Internet, any other type of wired or wireless network, orcombination thereof.

In one or more embodiments of the invention, each member (e.g., 104A,104B) includes a security application (e.g., 106A, 106B), a secretsrepository (e.g., 108A, 108B), and an algorithm selector table (110A,110B). The security application (e.g., 106A, 106B) on each member (e.g.,104A, 104B) may be instances of the same application, different versionsof the same application, or different applications. Further, thesecurity application (e.g., 106A, 106B) may correspond to a completeprogram product or a programming module of another application. Forexample, the security application (e.g., 106A, 106B) may be a part ofand provide security for a banking or commerce application. In one ormore embodiments of the invention, the security application (e.g., 106A,106B) includes an n-bit generator (e.g. 112A, 112B) and an encryptionmodule (e.g. 114A, 114B). Each of the components of the securityapplication (e.g. 106A, 106B) may be implemented in hardware, software,firmware, or a combination thereof. The components of the securityapplication are discussed below.

In one or more embodiments of the invention, an n-bit generator (e.g.,112A, 112B) includes functionality to receive and process one or moreinputs to generate a message digest. A message digest is a string ofcharacters, which may be represented as a bit-string, in accordance withone or more embodiments of the invention. In one or more embodiments ofthe invention, the message digest is a bit string. Further, the n-bitgenerator includes functionality to generate a deterministic andrepeatable message digest, which appears pseudo-random or random, inaccordance with one or more embodiments of the invention. Apseudo-random output (e.g., message digest) is output that is repeatableand predictable but appears random. Specifically, in one or moreembodiments of the invention, although the message digest is repeatableand calculable when the inputs and the operations performed by the n-bitgenerator (e.g., 112A, 112B) are known, the message digest appearsrandom. The apparent randomness may be with respect to someone who knowsor does not know the inputs in accordance with one or more embodimentsof the invention. Alternatively, or additionally, the apparentrandomness may be with respect to someone who does not know theoperations performed by the n-bit generator in accordance with one ormore embodiments of the invention. In one or more embodiments of theinvention, the message digest is deterministic in that a single outputexists for a given set of inputs. Moreover, the message digest may be afixed length. In other words, regardless of the input length, the samen-bit generator (e.g., 112A, 112B) may produce a message digest with afixed length.

The number of bits in the input to the n-bit generator may be differentor the same as the number of bits in the output produced by the n-bitgenerator. For example, if the n-bit generator accepts n number of bitsfor input and produces m number of bits for output, m may be less than,equal to, or greater than n. Multiple iterations of the n-bit generatormay be performed to construct an ever-increasing m-bit result thatincludes multiple message digests.

Further, the n-bit generator (e.g., 112A, 112B) includes functionalityto generate a deterministic message digest. Specifically, the n-bitgenerator (e.g., 112A, 112B) has the following two properties. First,the n-bit generator (e.g., 112A, 112B) generates the same message digestwhen provided with the same input(s). Second, the n-bit generatorgenerates, with a high probability, a different message digest whenprovided with different input(s). For example, a single bit change inthe input may result in a significant change of the bits in theresulting message digest. In the example, the change may be fiftypercent of the bits depending on the type of n-bit generator used.However, a greater percentage or less percentage of bits may changewithout departing from the scope of the invention.

The n-bit generator (e.g., 112A, 112B) may include multiplesub-routines, such as a bit shuffler (not shown) and a hash function(not shown). In one or more embodiments of the invention, the bitshuffler includes functionality to combine multiple inputs into a singleoutput. Specifically, the bit shuffler applies a function to the bitlevel representation of inputs to generate a resulting set of outputbits. The output of the bit shuffler may appear as a shuffling of bitsin each of inputs and may or may not have the same ratio of 1's to 0'sas the input. In one or more embodiments of the invention, the bitshuffling by the bit shuffler has a commutative property. In otherwords, the order that inputs are provided to the bit shuffler does notaffect the output. For example, consider the scenario in which theinputs are input X, input Y, and input Z. Bit shuffling on input X,input Y, and input Z produces the same output as bit shuffling on inputY, input Z, and input X.

In one embodiment of the invention, the bit shuffler may correspond toany function or series of functions for combining inputs. For example,the bit shuffler may correspond to the XOR function, the multiplicationfunction, an addition function, or another function that may be used tocombine inputs. As another example, the security application with thebit shuffler may correspond to a function that orders the inputs andthen uses a non-commutative function to generate an output. The bitshuffler may correspond to other mechanisms for combining multipleinputs without departing from the scope of the invention.

In one or more embodiments of the invention, a hash function is afunction that includes functionality to receive an input and produce apseudo-random output. In one or more embodiments of the invention, thehash function may include functionality to convert a variable lengthinput into a fixed length output. For example, the hash function maycorrespond to GOST, HAVAL, MD2, MD4, MD5, PANAMA, SNEERU, a member ofthe RIPEMD family of hash functions, a member of the SHA family of hashfunctions, Tiger, Whirlpool, S-Box, P-Box, any other hash function, orany combination thereof.

Although the above description discusses the use of the bit shufflerprior to the hash function, in one or more embodiments of the invention,the hash function operations may be performed prior to the bit shuffleroperations. For example, the hash function may be performed separatelyon each of the inputs to create hashed inputs. The hashed inputs maythen be combined by the bit shuffler. Alternatively, the bit shufflermay be first performed on the inputs to create a single intermediateresult before the intermediate result is provided to the hash function.The intermediate result may be stored to be used later to createsubsequent message digests.

In one or more embodiments of the invention, the n-bit generator (e.g.,112A, 112B) is operatively connected to an encryption module (e.g.,114A, 114B). The encryption module (e.g., 114A, 114B) includesfunctionality to manage the encryption and decryption of information forthe member (e.g., 104A, 104B). For example, the encryption module mayinclude functionality to send an encrypted communication by requestingone or more message digests from the n-bit generator (e.g., 112A, 112B),extracting a encryption solution from the one or more message digests,and encrypting the information using the encryption solution.Alternatively, or additionally, the encryption module (e.g., 114A, 114B)may include functionality to receive an encrypted communication, extractanother encryption solution from the one or more message digests, anddecrypt the encrypted communication using the other encryption solution.

In one or more embodiments of the invention, the encryption module(e.g., 114A, 114B) is identically configured across all members of agroup to request the same number of message digests. The configurationmay be based, for example, on the type of communication, the encryptionalgorithm, and/or the type of data to be extracted from the messagedigest.

The encryption module (e.g., 114A, 114B) implements one or moreencryption algorithms. In one or more embodiments of the invention, theencryption algorithm includes functionality to transform information ina clear text format into an encrypted format that is unreadable byanyone or anything that does not possess a corresponding encryption key.For example, the encryption algorithm may correspond to Data EncryptionAlgorithm (DEA) specified in the Data Encryption Standard (DES), TripleDES, Advanced Encryption Standard (AES), FEAL, SKIPJACK, any otherencryption algorithm, or any combination thereof. In one or moreembodiments of the invention, the encryption module implements onlysymmetric encryption algorithm(s). The encryption module (e.g., 114A,114B) includes functionality to select the encryption algorithm usingthe algorithm selector table (e.g., 110A, 110B) (discussed below).

Continuing with the security application (e.g., 106A, 106B), althoughnot shown in FIG. 1A, the security application (e.g., 106A, 106B) mayalso include an interface. The interface includes functionality toconnect to entities that are not a part of the security application(e.g., 106A, 106B). For example, the interface may correspond to anapplication programming interface (API) and/or a user interface. Thesecurity application (e.g., 106A, 106B) may be configured to communicatewith other applications executing on the same or different computingdevices using the API. Thus, for example, the API of member A's securityapplication (106A) may include functionality to communicate via thenetwork with member B's security application (106B). As another example,the API may include functionality to receive an encrypted format of afile and provide a clear text format of the file to another applicationexecuting on member A (e.g., 104A, 104B). Conversely, the API mayinclude functionality to receive, from another application on member A(106A), a clear text format of a file and provide an encrypted format ofthe file to another application executing on member A (106A) on member B(106B).

In one or more embodiments of the invention, the user interface includesfunctionality to communicate with a user of the member (e.g., 104A,104B). Specifically, the user interface includes functionality toreceive input from the user and/or provide information to the user. Theuser interface may include hardware and/or software components, such asinformation boxes, menu buttons, drop down boxes, input boxes, hardwarelights, hardware buttons, and/or other user interface components.

Continuing with FIG. 1A, each of the members (e.g., 104A, 104B) mayinclude a secrets repository (e.g., 108A, 108B). In one or moreembodiments of the invention, the secrets repository (e.g., 108A, 108B)is any type of storage unit and/or device (e.g., a file system, file,collection of files, database, collection of tables, external data store(e.g., a USB drive, etc.) and/or any other storage mechanism) forstoring secrets. Further, the secrets repository (e.g., 108A, 108B) mayinclude multiple different storage units and/or devices.

Secrets in the secrets repository (e.g., 106A, 106B) correspond to dataknown only to the members of the group. Further, each member of thegroup may independently generate the secrets using an n-bit generator(e.g., 112A, 112B). Thus, the secrets may correspond to one or moremessage digests, or a portion thereof. Generating the secrets isdiscussed below and in FIGS. 2 and 3.

Secrets in the secrets repository (e.g., 106A, 106B) are each associatedwith a given group and may be further organized according to type ofcommunication in accordance with one or more embodiments of theinvention. For example, secrets used for encryption in a chat sessionmay be different than secrets used for encryption in an emailcommunication. Alternatively or additionally, the secrets may beorganized based on the clear text file format of a file to be encrypted.For example, secrets used to encrypt portable document formatted (PDF)files may be different than secrets used to encrypt extensible markuplanguage (XML) files.

In one or more embodiments of the invention, each secret is a sharedsecret. A shared secret is information known by all members of thegroup. A shared secret may include a static secret, a dynamic secret, orboth a static and a dynamic secret. The static secret may remainunchanged throughout the lifetime of the group in accordance with one ormore embodiments of the invention. For example, the static secret may beused to recover secure communications by providing a new encryption keywhen the members of the group lose synchronization with regards to thedynamic secret. In contrast, the dynamic secret may periodically change,such as at the end of each communication session or prior to beginning acommunication session.

In one or more embodiments of the invention, a communication session maybe a set of related communications (e.g., related short messagingservice messages (SMS), related emails, WebEx, chat messages, or otherrelated communications). Alternatively, or additionally, a communicationsession may correspond to a set of communications starting at a firsttime and having a duration of a pre-defined amount of time. Thepre-defined amount of time may be defined, for example, according to theamount of time after the last communication is sent and/or received.

Continuing with the discussion of the member (e.g., 104A, 104B), eachmember (e.g., 104A, 104B) includes an algorithm selector table (e.g.,110A, 110B). FIG. 1B shows an example algorithm selector table (110) inaccordance with one or more embodiments of the invention.

As shown in FIG. 1B, an algorithm selector table (110) is a logicalassociation between an algorithm identifier (e.g., 116M, 116N) and acorresponding encryption algorithm (e.g., 118M, 118N) (discussed above).The algorithm identifier may be, for example, a numeric, binary, oranother such value. In one or more embodiments of the invention, allalgorithm identifiers in a range are present. For example, the algorithmidentifier may be a range of integers (e.g., 0 . . . 15), a sequence ofbinary values (e.g., 000, 001, 010, . . . 111). Further, the sameencryption algorithm (e.g., 118M, 118N) may be associated with multiplealgorithm identifiers (e.g., 116M, 116N). For example. “0” maycorrespond to AES, “1” may correspond to Triple DES, “2” may correspondFEAL, and “3” may correspond to Triple DES.

Further, in one or more embodiments of the invention, the associationbetween the encryption algorithm identifiers (e.g., 116M, 116N) and theencryption algorithms (e.g., 118M, 118N) is not based on a pre-definedordering of encryption algorithms (e.g., 118M, 118N). Specifically, theassociation may be randomly defined.

The use of the term, “table”, is only to denote a logicalrepresentation;

various implementations of the algorithm selector table may be usedwithout departing from the scope of the invention. For example, thealgorithm selector table may be implemented in computer instructionsusing a series conditional statements. Specifically, when a conditionalstatement is satisfied, the code corresponding to the implementation ofthe encryption algorithm is executed. By way of another example, thealgorithm selector table (110) may be implemented as a data structurethat associates the consecutive encryption algorithm identifiers (e.g.,116M, 116N) with identifiers used by the security application for eachof the encryption algorithms. The above are only a few examples ofpossible implementations for the algorithm selector table (110) and notintended to limit the scope of the invention.

Further, all members associate the same encryption algorithm identifiers(e.g., 116M, 116N) with the same corresponding encryption algorithms(e.g., 118M, 118N). For example, if one member associates “0” with AES,“1” with Triple DES, “2” with FEAL, and “3” with Triple DES, then theremaining members associates “0” with AES, “1” with Triple DES, “2” withFEAL, and “3” with Triple DES. Further, all members may or may not usethe same implementation of the algorithm selector table (110).

In one or more embodiments of the invention, the algorithm selectortable (110) includes separate entries for each encryption algorithm andkey length pair. In one or more embodiments of the invention, theencryption module may identify the encryption algorithm from thealgorithm selector table (110) and use the key length associated withthe encryption algorithm to extract the appropriate number of bits forthe encryption key. For example, an entry may exist for Blowfish with anencryption key length 256 bits and a separate entry may exist forBlowfish with an encryption key length of 384 bits. In the example, ifthe first entry is specified in the algorithm selector bits of themessage digest (discussed below), then 256 bits are extracted from themessage digest(s) for the encryption key. Alternatively, in the example,if the second entry is specified, then 384 bits are extracted from themessage digest for the encryption key.

Further, each entry in the algorithm selector table (110) may include astarting bit value. The starting bit value may be used to identify afirst secret to use in the secrets repository or a starting bit for theencryption key in the message digest.

Alternatively, although not shown in FIG. 1A-1B, the system may includea key length table. The key length table may specify an identifier witha corresponding encryption key length. Similar to the algorithm selectortable, multiple different possible implementations of the key lengthtable may be used without departing from the scope of the invention.Further, all members of the group have the associations between keylength identifiers and key lengths, but may not have the sameimplementation of key length table. For example, “1” may be associatedwith “256 bits”, 2 may be associated with “128 bits”, etc.

In one or more embodiment of the invention, when a key length table isused, the algorithm selector table may be used to specify the encryptionalgorithm, and the key length table may be used to specify the number ofbits in the encryption key. Specifically, a key length field (discussedbelow) in the message digest may index the corresponding entry in thekey length table. In one or more embodiments of the invention, if thespecified encryption algorithm does not allow for variable key length,then the key length field in the message digest is ignored.

FIGS. 2-5B show flowcharts in accordance with one or more embodiments ofthe invention. While the various steps in these flowcharts are presentedand described sequentially, one of ordinary skill will appreciate thatsome or all of the steps may be executed in different orders, may becombined or omitted, and some or all of the steps may be executed inparallel.

FIG. 2 shows a flowchart for creating an initial message digest using agroup agreed seed in accordance with one or more embodiments of theinvention. In Step 201, the security application is initiated forcommunication with the group. In one or more embodiments of theinvention, a user of a computing device may initiate the securityapplication by opening the security application, providing the user'scredentials (e.g., user name and password and/or other authenticationcredentials), and submitting information about members of the group. Forexample, the information submitted may include each user's name,nickname, contact information, and/or secure communication channelinformation for communicating with the member(s). Rather than a userinitializing the security application, the security application may beremotely administered by another member of the group. For example,consider the scenario in which the group includes a bank computingdevice and a computing device of the user having an account at the bank.The member may be remotely initialized by the bank computing device.Alternatively, the computing device of the use may start theinitialization of its security application and then turn control over tobank computing device to complete the configuration, such as if themember is temporarily directly connected to the bank computing device.In such an example scenario, the member may be removed from the bankcomputing device and redirected to an administrator for remoteconfiguration.

In Step 203, a group agreed seed is obtained. Specifically, the membersof the group and/or their corresponding users communicate and agree on agroup agreed seed. If the users communicate and agree on the groupagreed seed, then the user may submit the group agreed seed to thesecurity application. In such embodiments, the security applicationobtains the group agreed seed from the member. If the memberscommunicate with the other members regarding the group agreed seed, thenthe member obtains the group agreed seed as the one agreed upon. Thegroup agreed seed may be any password, passphrase, or series ofcharacters. For example, the group agreed seed may be “the cow jumpedover the moon,” “#8$#DsaVA(@12w@,” or any other collection of characters(e.g., symbols and/or alphanumeric characters). Users of the members (ora program executing on the members) may communicate the group agreedseed in person, over the phone, via postal mail, or using any otheralternative communication channel. Each member may independently submitthe group agreed seed to the security application. When prompted, theuser of each member may enter the group agreed seed in a field of theuser interface of the security application. Alternatively, a processexecuting on the member may provide the group agreed seed to thesecurity application.

In Step 205, an initial message digest is generated using the groupagreed seed as inputs to the n-bit generator. For example, theencryption module may call the instance of the n-bit generator using thegroup agreed seed as the input value.

In Step 207, secrets are extracted from the initial message digest.Specifically, the security application identifies each portion of themessage digest relating to a secret. The following examples are notintended to limit the scope of the invention. Turning to an example, ina 512-bit message digest, bits in bit positions 0-127 may correspond tothe static secret, bits in bit positions corresponding to 128-383 maycorrespond to the dynamic secret and the final 128 bits may correspondto discard bits that remain unused. In the example, the securityapplication extracts the static secret by obtaining the first 128 bitsof the message digest and extracts the dynamic secret by obtaining thenext 256 bits. As discussed, the above is only an example. For example,the ordering of the static secrets, dynamic secret, and discard bits maybe different from the previous example, the discard bits may be omitted,the static secret or a portion thereof may be in different messagedigests, the dynamic secret or a portion thereof may be in differentmessage digests, or one of the secrets may be omitted. In one or moreembodiments of the invention, each security application extracts thesame bits for each of the secrets. Thus, each member of the groupgenerates the same set of secrets.

As another example for extracting secrets, bits in the message digestmay indicate the starting position of each of the secrets. For example,the first four bits low order or least significant of the message digestmay be used as shift bits defining the start of a secret. In such anexample, the first bit of a secret may start following the shift value.By way of an example, if the shift bits in the message digest is “0001”(or one in base 10), then the secret starts at bit position two. Asanother example, if the shift bits is “1000” (or eight in base 10), thesecret starts a bit 9. [Somewhere about or near this point might be agood place to add the elements disclosed in the actual emplimentation.]

Additional secrets may be generated for the group by repeating Steps 205and 207 using the initial message digest and subsequent message digestsas an input to the n-bit generator. Alternatively, or additionally,Steps 205 and 207 may be repeated multiple times performed to generatenew secrets. For example, each subsequent time may use, as input, themessage digest from the previously time. Alternatively, or additionally,additional secrets may be generated by repeating Steps 203-205 in whichnew group agreed seeds are used.

In Step 209, the extracted secrets are stored in the secrets repository.In one or more embodiments of the invention, when the extracted secretsare stored, the extracted secrets are associated with the group. Forexample, extracted secrets for the same group may be stored in the filewithin the appropriate secrets repository. As another example, extractedsecrets for the same group may be associated with a unique groupidentifier. Further, in one or more embodiments of the invention, thesecurity application associates a secret identifier with each of thesecrets. The secret identifier associated with the same secret isidentical across all members of the group. For example, the secretidentifier may be a sequential numeric identifier designating the orderin which the particular secret(s) was generated in relation to othersecrets. In the example, the first generated secrets may be associatedwith one, the second generated secrets may be associated with two, etc.

Additionally, the security applications for all members of the group maybe configured to associate the same secrets with the same type ofcommunications and/or the same types of applications. For example, thesecurity applications may be configured to associate the first fourgenerated secrets with email communications, the next six generatedsecrets with video conferencing applications, etc.

After storing the secrets in the secrets repository, the secrets may beused to create an encryption key for encrypting communications.Generating encryption keys for encrypting communications is discussed inFIGS. 4A and 4B below. Further, because all members of the groupgenerate the same secrets, the resulting encryption keys are identicalacross all members of the group in accordance with one or moreembodiments of the invention.

FIG. 3 shows a flowchart for generating an initial message digest byeach member of the group providing input. In one or more embodiments ofthe invention, the members of the group do not have shared secrets priorto performing the flowchart discussed below. Although FIG. 3 is shownand discussed below from the prospective of one of the members of thegroup, the steps discussed below are performed by each member of thegroup so that all members generate the same initial message digest.Further, although FIG. 3 shows an example of a two member group,additional members may be added without departing from the scope of theinvention.

In Step 211, a first member of the group identifies a second member ofthe group. Specifically, a member of the group commences communicationwith the group. Below are a few examples of how communication may becommenced amongst the members of the group.

In a first example, the security application executing on a first membermay receive a request from a user to contact the second member of thegroup. The request from the user may include a nickname if informationabout the second member is pre-initialized in the security application.Alternatively, the request may include the user of the second member'sname, nickname, contact information, and/or secure communication channelinformation for communicating with the second member. The first membermay contact the second member using information in the request and/orpre-configured secure connection information.

In another example, the first member's security application may receivea request for connection from the second member's security applicationbased on a request of a user of the second member. In response, with orwithout input from the user of the first member, the first member'ssecurity application may initiate communication with the second member'ssecurity application.

In Step 213, the first member of the group sends a first input to thesecond member of the group. The first input may be a non-deterministicrandomly generated challenge, a passphrase, or another piece of data.Further, if the second member has a public key, the first member mayobtain the public key from the public key repository and encrypt thefirst input with the public key. Alternatively, the first input may besent in clear text. Although not shown in FIG. 2, the first member sendsthe same first input to each member of the group.

In Step 215, the first member of the group receives the second inputfrom the second member. If the first member has a public key, then thesecond input may be in an encrypted format. The first member may decryptthe second input using the first member's private key.

In Step 217, an initial message digest is generated by the first memberand the second member using the first input and the second input asinputs to the n-bit generator. Specifically, the encryption module callsthe n-bit generator with the first input and the second input. Becauseboth the first member and the second member each use the first input andthe second input on the same instance of the n-bit generator, theresulting initial message digest is the same for the first member andthe second member.

As discussed above, the steps discussed above may be performed by thesecurity application with or without input from a user. For example, theencryption module of the security application may receive the secondinput and decrypt the second input autonomously. Thus, the encryptionmodule may perform the aforementioned steps without notification orrequiring input to/from a user.

In Step 219, communications between the members are encrypted anddecrypted using the initial message digest. The communication mayinclude, for example, files, entire messages, attachments, or any otherdata sent between the members of the group.

From the initial message digest, shared secrets may be extracted. Theshared secrets may be stored in the secrets repository and used for manydifferent types of communications. For example, the static secret may beused to create encryption solutions to encrypt communications in a chatsession, emails, files, or other types of communications. By way ofanother example, the dynamic secret may be used with or without thestatic secret when the dynamic secret remains unchanged between when theencryption key is created and the communication is decrypted (e.g., achat session, emails, or other types of communications).

FIGS. 4A and 4B show flowcharts for using the initial message digest togenerate an encryption solution. As shown in FIG. 4A, in Step 221,shared secret(s) are obtained. Specifically, the shared secret may beextracted from an initial message digest and/or may be obtained from thesecrets repository.

Continuing with FIG. 4A, in Step 223, a new message digest is generatedusing the shared secret(s) as inputs for the n-bit generator. Forexample, the encryption module may call the n-bit generator and pass theparameters of the shared secret(s). The new message digest may beinterpreted as, for example, any of the example message digestsdiscussed above and shown in FIGS. 6 and 7.

In Step 225 of FIG. 4A, encryption solutions are extracted from theresulting message digest. Extracting the encryption solutions mayinclude the encryption module identifying the bit positionscorresponding to each encryption solution and separately storing theseries of bits in the identified bit positions as the encryptionsolution. The storing of the series of bits may be temporary, such as inrandom access member (RAM) in accordance with one or more embodiments ofthe invention. Each encryption solution may be further divided into thecomponents of the encryption solution. For example, the encryption key,algorithm selector bits, key length and other components of the messagedigest may be extracted. Extracting the encryption key may be performedsimilar to extracting the secrets as discussed above with reference toStep 207 in FIG. 2. For example, similar to using the shift bits todesignate the start of a secret, the shift bits may be used to designatethe start of an encryption key.

FIG. 4B shows another example flowchart for using the initial messagedigest. Specifically, FIG. 4B shows an example for generating multiplemessage digests, where each message digest includes some of thecomponents for encrypting a communication. In Step 231, the sharedsecret(s) are obtained. Obtaining the shared secret(s) may be performedas discussed above.

In Step 233, a message digest is generated using the shared secret(s) asinputs for the n-bit generator. Generating the message digest may beperformed in a similar manner to that discussed above with reference toStep 223 in FIG. 4A.

In Step 235, the change value and other components are extracted fromthe message digest. Extracting the components may be performed in amanner similar to the extraction of the encryption key as discussedabove in Step 225 of FIG. 4A. The other components that are extractedmay include, for example, the most significant bits of the encryptionkey, the least significant bits of the encryption key, the algorithmselector bits, etc for one or more encryption solutions.

In Step 237 of FIG. 4B, the change value is combined with the sharedsecrets to create an interim dynamic secret. Combining the change valuewith the shared secrets may be performed, for example, by a bitshuffler. Specifically, any of the operations discussed above withrespect to the bit shuffler may be performed to combine the change valuewith the shared secrets. In one or more embodiments of the invention, anumber is added to the change value or result to account for apossibility that the change value is zero. By way of example and notlimitation, the combination may be the change value XOR'd with thedynamic secret plus one.

In Step 239, another message digest is generated using the interimdynamic secret and the shared secrets as inputs to the n-bit generator.Step 239 may be performed, for example, in a manner similar to the abovediscussion with reference to Step 233. In one or more embodiments of theinvention, rather than performing Step 237 to create an interim dynamicsecret and then performing Step 239 to generate the subsequent messagedigest using the interim dynamic secret, the subsequent message digestmay be generated using the change value, the dynamic secret, and theshared secret as inputs into the n-bit generator.

In Step 241, a change value and other components are extracted from thesubsequent message digest in accordance with one or more embodiments ofthe invention. Extracting a change value and the other components may beperformed similar to the above discussion with reference to Step 235.

In Step 243, a determination is made whether to create another messagedigest. In one or more embodiments of the invention, each securityapplication is configured to create an identical number of messagedigests. Additional message digests may be generated to createadditional bits for an encryption key and to create additionalcomponents.

If a determination is made to create an additional message digest, thenthe steps repeat starting with Step 237. In Step 237, the change valueextracted in Step 241 is used with the shared secrets to create a newinterim dynamic secret. Alternatively, rather than using the sharedsecrets for subsequent message digests, the previously created interimdynamic secret may be used.

Alternatively, if a determination is made not to create another messagedigest, encryption solutions are created from the components of themessage digests in Step 245. For example, the least significant bits ofthe encryption key may be combined with the most significant bits of theencryption key to create a single encryption key.

The encryption solutions may be used to encrypt and decryptcommunications as discussed below and in FIG. 4C. Encrypting acommunication may be performed for example, by accessing the algorithmselector table to identify the encryption algorithm corresponding to thealgorithm selector bits in the message digest. The communication to beencrypted is encrypted by applying the identified encryption algorithmwith the encryption key to the communication. The resulting encryptedcommunication may be sent to the members and/or stored (e.g., stored ona local or remote storage device).

Alternatively, if a determination is made not to create another messagedigest, encryption solutions are extracted from the components of themessage digests in Step 245 or next. For example, in one encryptionsolution, the least significant bits of the encryption key may becombined with the most significant bits of the encryption key to createa single encryption key.

FIG. 4C shows a flowchart for using the encryption solutions to send andreceive communications between members of the group. Although FIG. 4C isshown and discussed from the perspective of a member of the group, othermembers may perform similar steps to send and receive communications.Further, as discussed above, although the flowcharts are describedsequentially, steps may be performed in parallel. For example, while areceived encrypted communication is decrypted, another communication maybe encrypted for sending.

In Step 251, a determination is made whether an encrypted communicationis received. If an encrypted communication is received, in Step 253,algorithm selector bits and an encryption key are obtained from thereceiving encryption solution. If in Step 253, more than one receivingencryption solution exists, then the receiving encryption solution maybe first identified. For example, the receiving encryption solution maybe a solution associated with the sender. In the example, the sender ofthe communication is identified, such as from the information in thecommunication. Based on the sender, the encryption solution isidentified. From the encryption solution, the algorithm selector bitsand encryption key is obtained.

In Step 255, an encryption algorithm corresponding to the algorithmselector bits are identified. In one or more embodiments of theinvention, identifying the encryption algorithm includes obtaining thenumeric format of the algorithm selector bits and using the numericformat to identify a matching encryption algorithm identifier in thealgorithm selector table. The encryption algorithm associated with thematching algorithm identifier is selected.

In Step 257, the received encrypted communications is decrypted usingthe identified encryption algorithm and the encryption key to obtain theclear-text format of the communication. Specifically, the encryptionmodule applies the encryption algorithm to the communication using theencryption key.

Returning to Step 251, a determination may be made to send acommunication. In Step 259, a determination is made whether to send acommunication, more specifically, an encrypted communication. If acommunication is to be sent, in Step 261, algorithm selector bits and anencryption key are obtained from the sending encryption solution. If inStep 261, more than one sending encryption solution exists, then thesending encryption solution may be first identified. For example, thesending encryption solution may be a solution associated with thereceiver of the communication. In the example, the receiver of thecommunication is identified. Based on the receiver, the encryptionsolution is identified. From the encryption solution, the algorithmselector bits and encryption key are obtained.

In Step 263, an encryption algorithm corresponding to the algorithmselector bits are identified. In one or more embodiments of theinvention, identifying the encryption algorithm includes obtaining thenumeric format of the algorithm selector bits and using the numericformat to identify a matching encryption algorithm identifier in thealgorithm selector table. The encryption algorithm associated with thematching algorithm identifier is selected.

In Step 265, the communication is encrypted using the encryptionalgorithm and the encryption key to obtain the encrypted communication.Specifically, the encryption module applies the encryption algorithm tothe communication using the encryption key. The encrypted communicationmay then be sent to the receiver. Although not shown in FIG. 4C, thereceiver of the communication may use Steps 253-257 to decrypted thecommunication using a copy of the encryption solution identified in Step261.

Continuing with FIG. 4C, in Step 267, a determination is made whether toend the communication session. If the determination is made not to endthe communication session, then a determination may be made to updatethe encryption solutions in Step 269. For example, during acommunication session, the members of a group may agree to change theencryption key and/or the secrets. For example, the agreement may bebased on a signal passed between the members when one of the memberssuspects that the encryption key is compromised. As another example, theagreement may be based on a pre-agreed period at which a new encryptionkey is generated. For example, the members may agree that a newencryption key should be generated every five minutes, with every 20sessions, based on the amount of data exchanged, etc.

If a determination is made to update encryption solutions, then in Step271, new encryption solutions are generated. By updating encryptionsolutions, nefarious users or computer system may have difficulty usingthe correct encryption solution for the correct communication. Newencryption solutions may be generated during a communication using thesteps discussed in FIG. 5A below. Alternatively, if a determination ismade not to update encryption solutions, then another determination ismade whether an encrypted communication is received in Step 251.

In Step 267, if the determination is made to end the communicationsession, then the communication session may be finalized. For example,members of the group may communicate to indicate that the communicationsession is finished. If the communication session ends successfully,then the members may decide to update secrets in the secrets repository.FIG. 5B below discusses updating the secrets in the secrets repository.

FIG. 5A shows a flowchart for changing encryption solutions. In Step281, a change of encryption solution is initiated by the group or one ofthe members thereof. As discussed above, the initiation may be based ona message, a pre-agreed period, etc.

In Step 283, intermediate results of the last performance of the n-bitgenerator and the last generated change value are obtained. As discussedabove, the intermediate results may correspond to the output of the bitshuffler prior to performing the hash function. Further, each member mayextract the change value from the last generated message digest.

In Step 285, each member generates a new message digest using theintermediate results and the last change value as inputs to the n-bitgenerator. Generating the new message digest may be performed asdiscussed above with reference to Step 239 in FIG. 4B. Similar to thediscussion of FIG. 4B, additional message digests may be generatedwithout departing from the scope of the invention.

In Step 287, a new encryption solution is extracted from the messagedigest(s). Extracting the new encryption solution may be performed asdiscussed above with reference to Step 225 of FIG. 4A or Step 245 inFIG. 4B. After the new encryption solution is extracted, the newencryption solution may be used to encrypt and decrypt communicationsbetween the members of the group.

FIG. 5B shows an example flowchart for changing the secrets at the endof a communication session in accordance with one or more embodiments ofthe invention. In Step 291, a communication session is finalized withthe group. For example, the group members may send a message ending thecommunication session, such as a disconnect. Each member may wait untilthe member receives confirmation from all other members of the group.

In Step 293, the initial dynamic secret and the final change value usedin the communication session are obtained. For example, the initialdynamic secret may be the secret generated in the initial message digestor a secret stored in the secrets repository. The final change value maycorrespond to the last generated change value. For example, the finalchange value may be obtained as discussed above with reference to Step283 in FIG. 5A.

Continuing with FIG. 5B, in Step 295, a new message digest is generatedusing the initial dynamic secret and the final change value as inputs tothe n-bit generator. For example, the steps discussed in FIGS. 4A and 4Bmay be performed one or more times to generate the message digests. InStep 297, the new dynamic secret is extracted from the new messagedigest. The new dynamic secret may replace the initial dynamic secret inthe secrets repository. Specifically, each member of the group may storethe new dynamic secret in their corresponding secrets repository.Because each member generates and stores the same new dynamic secret,the members use the same secrets in the next communication session.Alternately, the initial dynamic secret may be combined with the finalchange value and then a constant added to the result. The final resultmay replace the stored dynamic secret.

FIGS. 6-8 show example message digests in accordance with one or moreembodiments of the invention. In the example message digests, only twoencryption solutions are shown, additional encryption solutions may begenerated and in the message digest without departing from the scope ofthe invention. The following example message digests are for examplepurposes only and not intended to limit the scope of the invention.

FIG. 6 shows an example message digest in accordance with one or moreembodiments of the invention. As shown in FIG. 6, the message digest(300) may include algorithm selector bits (e.g., 302X, 302Y) and anencryption key (e.g., 304X, 304Y) for each encryption solution (e.g.,306X, 306Y). In one or more embodiments of the invention, the algorithmselector bits (e.g., 302X, 302Y) correspond to the series of bits thatare in pre-defined bit positions in the message digest. In one or moreembodiments of the invention, the bit position corresponding to thealgorithm selector bits (e.g., 302X, 302Y) are known only to thesecurity application. For example, the bit positions may be purposefullyhidden from a user of the member.

As discussed above, the algorithm selector bits (e.g., 302X, 302Y)correspond to the bit value of the encryption algorithm identifier inthe algorithm selector table. In one or more embodiments of theinvention, because each group has the same algorithm selector table,generates the same message digest, and uses the same bits in the messagedigest as the algorithm selector bits, the members of the group all knowthe algorithm for encrypting and decrypting the communication. Further,each time a message digest having algorithm selector bits is generated,the encryption algorithm may change from the previously generatedencryption algorithm. Specifically, by including the algorithm selectorbits in the message digest, not only may the encryption key change, butalso the encryption algorithm. Thus, a nefarious user or computer systemwould have to match both the encryption algorithm with the encryptionkey with the communication to decrypted any encrypted communication.

The encryption key (e.g., 304X, 304Y) is a key used by the encryptionalgorithm to encrypt and decrypt one or more communications. Because allmembers use the same instance of the n-bit generator to generate themessage digests, the encryption key generated by each of the members isthe same. Thus, the encryption key does not need to be communicatedbetween the members. Moreover, the encryption key may be stored in thesecurity application and not provided through any interface to any user.Thus, users that leave the group remain unaware of the encryption keyused to encrypt the data.

The message digest may include alternative or additional components.FIG. 7 shows an example message digest (308) in accordance with one ormore embodiments of the invention. As shown in example FIG. 7, themessage digest (308) may include a first member's one-time password(310X), a second member's one-time password (310Y), algorithm selectorbits (e.g., 312X, 312Y), a key length (e.g., 314X, 314Y), an encryptionkey (e.g., 316X, 316Y), and a change value (318). The first member'sone-time password (310X), algorithm selector bits (312X), key length(314X), and the encryption key (316X) may correspond to a firstencryption solution (320X) for the first member. The second member'sone-time password (310Y), algorithm selector bits (312Y), key length(314Y), and the encryption key (316Y) may correspond to a firstencryption solution (320Y) for the second member. The components of theexample message digest (308) are discussed below.

The first member's one-time password (310X) is a series of bitsgenerated by the n-bit generator for the second member to authenticatethe first member. Specifically, because both the first member and thesecond member generate the same message digest (e.g., example messagedigest (308)), the first member's one-time password (310X) is the samefor the first member and the second member. Accordingly, if the firstmember's one-time password (310X) that the first member sends to thesecond member is identical to the second member's generated firstmember's one time password, then the second member knows that the firstmember is authentic. Specifically, the first member knows that thesecond member received the same input and had an n-bit generator thatwas capable of performing the same operations. Further, in one or moreembodiments, once the first member and second member passwords have beenconfirmed, an extremely high probability exists that the othercorresponding bits of the message digest also match between systems.

Similarly, the second member's one-time password (310Y) is a series ofbits generated by the n-bit generator for the first member toauthenticate the second member. Specifically, the second member sendsthe second member's one-time password (310Y) to the first member. If thesecond member's one-time password (310Y) that the second member sends tothe first member is identical to the first member's generated secondmember's one-time password, then the first member knows that the secondmember is authentic. Specifically, the second member knows that thefirst member received the same input and had an n-bit generator that wascapable of performing the same operations and has the same messagedigest.

In one or more embodiments of the invention, prior to sending theone-time passwords, the one-time passwords are encrypted using anencryption algorithm and an encryption key. In such embodiments, theone-time passwords are sent encrypted. The receiver may encrypted theirgenerated one-time password and compared the encrypted generatedone-time password with the received encrypted one-time password. As analternative, the receiver may decrypt the received one-time password andthen compare the decrypted one-time password with the generated one-timepassword.

In one or more embodiments of the invention, one-time passwords (e.g.,310X, 310Y) are sent between members after generating the message digestthat includes the one-time passwords (e.g., 310X, 310Y) and prior tosending any encrypted confidential information. Thus, members areauthenticated prior to the sending and/or receiving of confidentialinformation. In one or more embodiments of the invention, one-timepasswords are only valid during a single communication session. For eachnew communication session, new one-time passwords are generated andsubsequently used to authenticate the members. As an alternative,one-time passwords may only be used during a first communicationsession. Later communication sessions between members may not useone-time passwords. Additional one-time passwords may be generated toaccount for additional members of the group without departing from thescope of the invention. The additional one-time passwords may begenerated, for example, by generating additional message digests.

Continuing with the example message digest (308) in FIG. 7, thealgorithm selector bits (e.g., 312X, 312Y) may be similar to thealgorithm selector bits (e.g., 302X, 302Y) discussed above withreference to FIG. 6. As shown in FIG. 7, the algorithm selector bits(e.g., 312X, 312Y) may be located in a different position.

The key length (e.g., 314X, 314Y) specifies the size of the encryptionkey (e.g., 316X, 316Y). Specifically, the key length (e.g., 314X, 314Y)specifies the number of bits in the encryption key (e.g., 316X, 316Y).In one or more embodiments of the invention, the encryption key (e.g.,316X, 316Y) has at least a minimum size (e.g., 64 bit minimum, 128 bitminimum, etc.). Other embodiments of the invention, may use a fixedencryption key length. In such embodiments, the communication may beencrypted using only the components corresponding to the algorithmselector bits and the encryption key of the fixed length.

In one or more embodiments of the invention, a change value (318)provides a pseudo-random value to spawn a new message digest (308). Forexample, the change value may be used to create a new encryption key orcreate a new dynamic secret. Use of the change value is discussed aboveand in FIG. 5A-5B. Further, the stored secrets may be inputted to then-bit generator to spawn temporary use secrets. All of the spawnedsecrets are used only during a session in accordance with one or moreembodiments of the invention. After the session, the spawned secrets aredestroyed so as to be no longer accessible or otherwise discoverablethrough any nefarious methods. Similar to the temporary use secrets, achange value is destroyed once combined with the appropriate dynamicsecret.

Returning to the example message digest (308), FIG. 7 is only oneexample of the components of a message digest. Some of the componentsmay be removed while other components may be added. For example, themessage digest may include discard bits. Discard bits are bits that areignored. As another example, rather than having the entire encryptionkey, the message digest may include only the most significant bits orthe least significant bits of the encryption key. Another message digestmay be generated and include the remaining bits.

FIGS. 8A and 8B show another example of message digests (e.g., 330, 332)in accordance with one or more embodiments of the invention. As shown inthe example in FIGS. 8A and 8B, the encryption solutions may spanmultiple message digests. For example, a first message digest (330) mayinclude only algorithm selector bits (334X), the most significant bitsfor each of the encryption keys (e.g., 336X, 336Y), and a change value(338). In the example, a second message digest (332) may include onlyalgorithm selector bits (334Y), the least significant bits for each ofthe encryption keys (e.g., 340X, 340Y), and a change value (342). In theexample, encryption solution X may be formed by using algorithm selectorX bits (334X) and the concatenation of encryption key X most significantbits (336X) with encryption key X least significant bits (340X).Similarly, encryption solution Y may be formed by using algorithmselector Y bits (334Y) and the concatenation of encryption key Y mostsignificant bits (336Y) with encryption key Y least significant bits(340Y).

The following is an example communication session in accordance with oneor more embodiments of the invention. The following example is forillustration purposes only and not intended to limit the scope of theinvention. In the following example, consider the scenario in which agroup has three members: Bob's computing device (computing device B),Joe's computing device (computing device J), and Sarah's computingdevice (computing device S).

With the first communication, the security application on computingdevice B, the security application on computing device J, and thesecurity application on computing device S each create a challenge. Forexample, computing device B's challenge is “454Bear”, computing deviceJ's challenge is “myTower”, and computing device S's challenge is“d68saf.” Further, each member accesses a certificate authority toobtain the public key of each other member. Computing device B'ssecurity application encrypts “454Bear” using computing device J'spublic key and sends the resulting encrypted challenge to computingdevice J's security application. Similarly, computing device B'ssecurity application encrypts “454Bear” using computing device S'spublic key and sends the resulting encrypted challenge to computingdevice S's security application. Computing device J's securityapplication and computing device S's security application similarlyencrypt their challenges using the other members' public keys and sendtheir challenges.

After receiving the challenges, computing device B's securityapplication, computing device J's security application, and computingdevice S's security application decrypt each of the challenges usingtheir corresponding private keys. Computing device B's securityapplication, computing device J's security application, and computingdevice S's security application each input “454Bear,” “myTower,” and“d68saf” into their respective n-bit generators to obtain a messagedigest. Because the n-bit generator provides a deterministic,pseudo-random result, the resulting message digest is the same forcomputing device B, computing device J, and computing device S.Accordingly, computing device B's security application, computing deviceJ's security application, and computing device S's security applicationmay use the message digest to populate a secrets repository, createencryption solutions, and encrypt and decrypt the communications sentbetween them using the encryption solutions. The following aresub-examples for computing device B, computing device J, and computingdevice S to send and receive communications using the generatedencryption solutions.

In a second example (based on the same underlying entities as the firstexample), consider the scenario in which the message digest generated bycomputing device B, computing, device J, and computing device S includesan encryption solution for computing device B to send communications(“encryption solution B”), an encryption solution for computing device Jto send communications (“encryption solution J”), and an encryptionsolution for computing device S to send communications (“encryptionsolution S”). In the example, computing device B's security applicationmay send a communication to computing device S's security applicationand computing device J's security application by obtaining an encryptionkey and an identified encryption algorithm from encryption solution B,encrypting the communication with the encryption key using theidentified encryption algorithm, and sending the encrypted file.Computing device S's security application and computing device J'ssecurity application, which also have the same message digests, useencryption solution B to obtain the encryption key and identify theencryption algorithm to decrypt the communication. Similarly, whencomputing device J and computing device S send communications, computingdevice J uses encryption solution J and computing device S usesencryption solution S. A nefarious computer system, which is not capableof generating the message digest, is unable to even create theencryption key. Moreover, because computing device B's securityapplication, computing device S's security application, and computingdevice J's security application may continually change the encryptionsolutions by generating new pseudo-random message digests, the nefariouscomputer system may be unlikely to identify the correct encryption keyand the correct encryption algorithm for the correct message.

In a third example (based on the same underlying entities as the firstexample), consider the scenario in which the message digest generated bycomputing device B, computing device J, and computing device S includesan encryption solution for computing device B to receive communications(“encryption solution B”), an encryption solution for computing device Jto receive communications (“encryption solution J”), and an encryptionsolution for computing device S to receive communications (“encryptionsolution S”).

In the third example, computing device B's security application may senda communication to computing device S's security application andcomputing device J's security application. Computing device B obtains anencryption key and an identified encryption algorithm from encryptionsolution S, encrypts the communication with the encryption key using theidentified encryption algorithm, and sends the encrypted communicationto computing device S. Computing device S's security application, whichalso has the same message digests, uses encryption solution S to obtainthe encryption key and identify the encryption algorithm to decrypt thecommunication.

Similarly, computing device B obtains an encryption key and anidentified encryption algorithm from encryption solution J, encrypts thecommunication with the encryption key using the identified encryptionalgorithm, and sends the encrypted communication to computing device J.Computing device J's security application, which also has the samemessage digests, uses encryption solution J to obtain the encryption keyand identify the encryption algorithm to decrypt the communication.Similarly, when computing device J and computing device S sendcommunications to computing device B, computing device J and computingdevice S use encryption solution B. A nefarious computer system, whichis not capable of generating the message digest is unable to even createthe encryption key. Moreover, because computing device B's securityapplication, computing device S's security application, and computingdevice J's security application may continually change the encryptionsolutions by generating new pseudo-random message digests, the nefariouscomputer system may be unlikely to identify the correct encryption keyand the correct encryption algorithm for the correct message.

The above are only a few examples of how the message digest may be usedto create multiple encryption solutions to encrypt and decryptcommunications. Other possible methods may be used without departingfrom the scope of the invention. For example, computing device J andcomputing device S may use the same encryption solution JS for receivingcommunications, which is different than the encryption solution used bycomputing device B to receive communications. As another exampleexample, computing device J and computing device S may use the sameencryption solution JS for sending communications, which is differentthan the encryption solution used by computing device B to sendcommunications.

Embodiments of the invention may be implemented on virtually any type ofcomputer system regardless of the platform being used. The computingdevice may be the computer system, execute on the computer system, be anexternal device of the computer system, etc. For example, as shown inFIG. 9, a computer system (400) includes one or more computingprocessor(s) (402), associated memory (404) (e.g., random access memory(RAM), cache memory, flash memory, etc.), an internal and/or an externalstorage device (406) (e.g., a hard disk, an optical drive such as acompact disk drive or digital video disk (DVD) drive, a flash memorystick, universal serial bus (USB) drive, smart card, smart phone, etc.),and numerous other elements and functionalities typical of today'scomputers (not shown). The computer system (400) may also include inputmeans, such as a keyboard (408), a touch screen, a mouse (410), or amicrophone (not shown). Further, the computer system (400) may includeoutput means, such as a monitor (412) (e.g., a liquid crystal display(LCD), a plasma display, or cathode ray tube (CRT) monitor). Thecomputer system (400) may be connected to a network (414) (e.g., a localarea network (LAN), a wide area network (WAN) such as the Internet, orany other type of network) via a network interface connection (notshown). Those skilled in the art will appreciate that many differenttypes of computer systems exist, and the aforementioned input and outputmeans may take other forms. Generally speaking, the computer system(400) includes at least the minimal processing, input, and/or outputmeans necessary to practice embodiments of the invention.

Computer readable program code to perform embodiments of the inventionmay be stored on a computer readable medium such as a compact disc (CD),a diskette, a tape, physical memory, or any other physical computerreadable storage medium that includes functionality to store computerreadable program code to perform embodiments of the invention. In oneembodiment of the invention the computer readable program code, whenexecuted by a processor(s), is configured to perform embodiments of theinvention.

While the invention has been described with respect to a limited numberof embodiments, those skilled in the art, having benefit of thisdisclosure, will appreciate that other embodiments can be devised whichdo not depart from the scope of the invention as disclosed herein.Accordingly, the scope of the invention should be limited only by theattached claims.

What is claimed is:
 1. A method for securing communication among aplurality of members, comprising: obtaining, by a first member of agroup, a first secret; generating, by an n-bit generator executing onthe first member, a first message digest using the first secret;extracting, by the first member, a first encryption solution and asecond encryption solution, at least in part, from the first messagedigest, wherein the first encryption solution comprises a firstencryption key and first algorithm selector bits, and wherein the secondencryption solution comprises a second encryption key and secondalgorithm selector bits; selecting, by the first member and from aplurality of encryption algorithms, a first encryption algorithmcorresponding to the first algorithm selector bits; encrypting, by thefirst member, a first communication using the first encryption key andthe first encryption algorithm to obtain a first encryptedcommunication; sending, by the first member to a second member of thegroup, the first encrypted communication; receiving, by the first memberfrom the second member, a second encrypted communication; selecting, bythe first member and from the plurality of encryption algorithms, asecond encryption algorithm corresponding to the second algorithmselector bits; decrypting, by the first member, the second encryptedcommunication using the second encryption solution to obtain a secondcommunication; generating, by the n-bit generator, a second messagedigest using the first secret, a second secret, and a first changevalue; extracting, by the first member, a third encryption solution anda fourth encryption solution, at least in part, from the second messagedigest; encrypting, by the first member, a third communication using thethird encryption solution to obtain a third encrypted communication;sending, by the first member to the second member, the third encryptedcommunication; receiving, by the first member from the second member, afourth encrypted communication; and decrypting, by the first member, thefourth encrypted communication using the fourth encryption solution toobtain a fourth communication.
 2. The method of claim 1, whereindecrypting the second encrypted communication comprises: decrypting thesecond encrypted communication using the second encryption algorithm andthe second encryption key.
 3. The method of claim 2, wherein the firstencryption algorithm and the second encryption algorithm are differentencryption algorithms.
 4. The method of claim 1, wherein generating thefirst message digest comprises using a third secret.
 5. The method ofclaim 1, further comprising: generating, by the n-bit generator, a thirdmessage digest using the first secret, a third secret, and a secondchange value.
 6. The method of claim 1, wherein the first encryptedcommunication and the third encrypted communication are sent during asingle communication session.
 7. The method of claim 1, whereingenerating the second message digest comprises: combining the firstchange value with an intermediate result to create an interim dynamicsecret, wherein the intermediate result is obtained during thegeneration of the first message digest; and using the interim dynamicsecret to generate the second message digest.
 8. A computing device forsecuring communication among a plurality of members comprising: aprocessor; a memory; and software instructions stored in memory forcausing the computing device to: obtain, by a first member of a group, afirst secret, wherein the first member is the computing device;generate, by an n-bit generator executing on the first member, a firstmessage digest using the first secret; extract a first encryptionsolution and a second encryption solution, at least in part, from thefirst message digest, wherein the first encryption solution comprises afirst encryption key and first algorithm selector bits, and wherein thesecond encryption solution comprises a second encryption key and secondalgorithm selector bits; select, by the first member and from aplurality of encryption algorithms, a first encryption algorithmcorresponding to the first algorithm selector bits; encrypt a firstcommunication using the first encryption key and the first encryptionalgorithm to obtain a first encrypted communication; send, to a secondmember of the group, the first encrypted communication; receive, fromthe second member, a second encrypted communication; select, by thefirst member and from the plurality of encryption algorithms, a secondencryption algorithm corresponding to the second algorithm selectorbits; decrypt the second encrypted communication using the secondencryption solution to obtain a second communication; generate, by then-bit generator, a second message digest using the first secret, asecond secret, and a first change value; extract a third encryptionsolution and a fourth encryption solution, at least in part, from thesecond message digest; encrypt a third communication using the thirdencryption solution to obtain a third encrypted communication; send, tothe second member, the third encrypted communication; receive, from thesecond member, a fourth encrypted communication; and decrypt the fourthencrypted communication using the fourth encryption solution to obtain afourth communication.
 9. The computing device of claim 8, whereindecrypting the second encrypted communication comprises: decrypting thesecond communication using the second encryption algorithm and thesecond encryption key.
 10. The computing device of claim 9, wherein thefirst encryption algorithm and the second encryption algorithm aredifferent encryption algorithms.
 11. The computing device of claim 8,wherein generating the first message digest comprises using a thirdsecret.
 12. The computing device of claim 8, wherein the softwareinstructions further cause the computing device to: generate, by then-bit generator, a third message digest using the first secret, a thirdsecret, and a second change value, wherein the first encryption solutionand the second encryption solution are extracted, at least in part, fromthe third message digest.
 13. The computing device of claim 8, whereinthe first encrypted communication and the third encrypted communicationare sent during a single communication session.
 14. The computing deviceof claim 8, wherein generating the second message digest comprises:combining the first change value with an intermediate result to createan interim dynamic secret, wherein the intermediate result is obtainedduring the generation of the first message digest; and using the interimdynamic secret to generate the second message digest.
 15. Anon-transitory computer readable medium comprising computer readableprogram code embodied therein for causing a computer system to perform amethod for securing communication among a plurality of members, themethod comprising: obtaining, by a first member of a group, a firstsecret; generating, by an n-bit generator executing on the first member,a first message digest using the first secret; extracting, by the firstmember, a first encryption solution and a second encryption solution, atleast in part, from the first message digest, wherein the firstencryption solution comprises a first encryption key and first algorithmselector bits, and wherein the second encryption solution comprises asecond encryption key and second algorithm selector bits; selecting, bythe first member and from a plurality of encryption algorithms, a firstencryption algorithm corresponding to the first algorithm selector bits;encrypting, by the first member, a first communication using the firstencryption key and the first encryption algorithm to obtain a firstencrypted communication; sending, by the first member to a second memberof the group, the first encrypted communication; receiving, by the firstmember from the second member, a second encrypted communication;selecting, by the first member and from the plurality of encryptionalgorithms, a second encryption algorithm corresponding to the secondalgorithm selector bits; decrypting, by the first member, the secondencrypted communication using the second encryption solution to obtain asecond communication; generating, by the n-bit generator, a secondmessage digest using the first secret, a second secret, and a firstchange value; extracting, by the first member, a third encryptionsolution and a fourth encryption solution, at least in part, from thesecond message digest; encrypting, by the first member, a thirdcommunication using the third encryption solution to obtain a thirdencrypted communication; sending, by the first member to the secondmember, the third encrypted communication; receiving, by the firstmember from the second member, a fourth encrypted communication; anddecrypting, by the first member, the fourth encrypted communicationusing the fourth encryption solution to obtain a fourth communication.16. The non-transitory computer readable medium of claim 15, whereindecrypting the second encrypted communication comprises: decrypting thesecond communication using the second encryption algorithm and thesecond encryption key.
 17. The non-transitory computer readable mediumof claim 16, wherein the first encryption algorithm and the secondencryption algorithm are different encryption algorithms.
 18. Thenon-transitory computer readable medium of claim 15, wherein generatingthe first message digest comprises using a third secret.
 19. Thenon-transitory computer readable medium of claim 15, wherein the methodfurther comprises: generating, by the n-bit generator, a third messagedigest using the first secret, a third secret, and a second changevalue.
 20. The non-transitory computer readable medium of claim 15,wherein the first encrypted communication and the third encryptedcommunication are sent during a single communication session.
 21. Thenon-transitory computer readable medium of claim 15, wherein generatingthe second message digest comprises: combining the first change valuewith an intermediate result to create an interim dynamic secret, whereinthe intermediate result is obtained during the generation of the firstmessage digest; and using the interim dynamic secret to generate thesecond message digest.